package com.demo.controller;

import java.io.Serializable;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

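/**
 * REST endpoints of the Shiro demo: credential login, the authentication/authorization error
 * page, and the index page.
 */
@RestController
public class UserController {

	/**
	 * Single reply for every rejected credential pair. Distinct "unknown user" and "wrong
	 * password" replies let a caller probe which account names exist, so both cases share
	 * this text ("user name or password is incorrect").
	 */
	private static final String LOGIN_FAILED = "用户名或密码不正确!";

	/**
	 * Authenticates the current Shiro subject with the supplied user name and password.
	 *
	 * <p>Credentials passed as GET query parameters become part of the URL, which is commonly
	 * recorded in access logs, browser history and Referer headers. POST is accepted as well so
	 * that clients can send the credentials in the request body; GET is kept only for existing
	 * callers and should be retired once they have migrated.
	 *
	 * <p>Only {@link UnknownAccountException} and {@link IncorrectCredentialsException} are
	 * handled here; any other exception thrown by {@code login} propagates to the framework.
	 *
	 * @param name     account name taken from the {@code name} request parameter
	 * @param password password taken from the {@code password} request parameter
	 * @return a success message containing the session id, or a generic failure message
	 */
	@RequestMapping(value = "/login", method = {RequestMethod.GET, RequestMethod.POST})
	public String loging(@RequestParam("name") String name, @RequestParam("password") String password) {
		try {
			UsernamePasswordToken token = new UsernamePasswordToken(name, password);
			Subject subject = SecurityUtils.getSubject();

			// NOTE(review): this id belongs to the session that existed before authentication and
			// nothing in this method renews it after login. Confirm the session is rotated on
			// successful login elsewhere, otherwise a pre-set session id stays valid (session fixation).
			// Kept as Serializable: getId() is not guaranteed to be a String, so no cast is made.
			Serializable sid = subject.getSession().getId();

			subject.login(token);
			// NOTE(review): the session id is echoed in the response body; confirm this is intended,
			// since it exposes the id to page scripts even when the session cookie is HttpOnly.
			return "登录成功! session:" + sid;
		} catch (UnknownAccountException | IncorrectCredentialsException ignored) {
			// Deliberately not distinguishing the two causes in the reply (account enumeration).
			return LOGIN_FAILED;
		}
	}

	/**
	 * Reports why a request was rejected.
	 *
	 * @param code {@code 1} selects the "not logged in" message; any other value selects the
	 *             "not authorized" message
	 * @return the message for the given code
	 */
	@RequestMapping("/autherror")
	public String autherror(int code) {
		return code == 1 ? "未登录" : "未授权";
	}

	/**
	 * Index page: returns a greeting followed by the current session id.
	 *
	 * @return the greeting text with the session id appended
	 */
	@RequestMapping("/")
	public String getIndex() {
		Subject subject = SecurityUtils.getSubject();
		// String concatenation formats the id without assuming it is a String.
		// NOTE(review): as in the login reply, the session id is disclosed in the body; confirm intended.
		Serializable sid = subject.getSession().getId();
		return ("我是主页 session:" + sid);
	}
}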
